A sandwich attack works by exploiting how automated market maker (AMM) pools reprice an asset with every trade: the larger the swap, the more the price moves along the pool's curve. Attackers run bots that continuously scan the public mempool for pending swaps large enough to move the price, then race to have their own "front-run" transaction confirmed immediately before the victim's, followed by a "back-run" transaction right after.
To win that ordering, the bot outbids the victim's gas fee so miners or validators include its transactions in the desired sequence, a practice known as a priority gas auction. The victim's swap then executes against an already inflated price and receives fewer tokens than the quote shown at the time of signing, with the difference captured entirely by the attacker.
Sandwich attacks are among the most common forms of value extraction on Ethereum-based decentralized exchanges, and the same pattern appears on Solana, where researchers estimate bots have extracted several hundred million dollars from traders through validator-level reordering rather than mempool scanning.
Common defenses include:
- Routing trades through private relays such as Flashbots Protect so pending transactions never reach the public mempool
- Setting a tight slippage tolerance so a trade reverts rather than filling at a manipulated price
- Using DEX aggregators or intent-based swap protocols that batch and settle orders off the public order flow
None of these fully eliminate the risk, and "MEV protection" branding has itself been used in scams, making due diligence on any protective tool essential.